<?php

/*
* This script deletes projects associated with a user.
* In order to use it, you should supply it with a 'user', and a 'pname' headers in a POST request
*
* @method POST	
* @header prname The project name
* @header user The username
*
* @return mysql_error()
*          The mysql error that caused this program to halt if it fails
* @return html select form
*          HTML select that contains the new project list as options
*/


require_once("connect_to_database.php");

$user_name = mysql_real_escape_string($_POST['user']);
$project_name = mysql_real_escape_string((isset($_POST['prname']) ? $_POST['prname'] : ""));

//check to see if the user is the owner of the project. Don't allow
//anyone but the owner to delete the project
$sql = sprintf("SELECT isCreator FROM projects WHERE participant='%s' AND name='%s';",$user_name, $project_name);
$isCreator = mysql_query($sql);

if(!$isCreator)
	die(mysql_error());

while($row = mysql_fetch_assoc($isCreator)){
	
	/* If the user is the creator of the project, delete the project from the 'projects' table and DROP its table from the db */
	if($row['isCreator'] == 1){
		$query1 = sprintf("DELETE FROM projects WHERE name='%s';",$project_name);
		$query2 = sprintf("DROP TABLE `%s`;",$project_name);
		$query3 = sprintf("DROP TABLE `%s_chat`;",$project_name);
		$query4 = sprintf("DELETE FROM points WHERE projectName='%s';",$project_name);
		$result1 = mysql_query($query1);
		$result2 = mysql_query($query2);
		$result3 = mysql_query($query3);
		$result4 = mysql_query($query4);
		mysql_query("DELETE FROM members WHERE username = '".$user_name."'");
	}
	
	/* If the user is not the creator, disassociate him/her from the project and remove the project from their 'projects list'. */
	else{
		$query = sprintf("DELETE FROM projects WHERE participant='%s' AND name='%s';",$user_name, $project_name);
		$result = mysql_query($query);
		mysql_query("DELETE FROM members WHERE username = '".$user_name."'");
	}
}

?>
